
Project 2 Start Here

In the prior project, you used network forensics to inform an incident report detailing how you captured, recorded, and analyzed events that occurred on a network. Based on this analysis, you determined that there has been a breach of the network.

Gathering this information is only the first step. Next, you must use the network forensic evidence you gathered to understand how the attack was conducted and exactly what took place during it. There are several ways to identify the source of attacks. One of the challenges with network forensics is making sense of the data, which often comes from multiple sources and may cover incidents of interest that occurred at different times.

In this project, you will analyze suspicious software in a virtualized environment to determine whether the code is in fact malware.

The final report will summarize how you used your knowledge and skills in malware forensics to analyze the attack and determine what occurred and when. It will also offer recommendations on ways to improve the organization’s defense posture and response.

This project consists of five steps:
Steps 1 through 4 consist of analyzing the network intrusion for a possible malware attack. As you proceed, document your research and findings.
In step 5, you will compile your analysis and findings to complete a comprehensive incident response report.
Now that you have an idea of the task ahead, review the scenario to get started.

When you submit your project, your work will be evaluated using the competencies listed below. You can use the list below to self-check your work before submission.

5.6: Use of multiple digital forensic tools and techniques for imaging.
5.7: Use forensic tools and techniques to carry out an email investigation.
6.1: Perform report creation, affidavit creation, and preparation to testify.
6.2: Demonstrate ability to investigate mobile technology.